Field Automation Engineer – PLC, Robotics
VisiConsult - X-ray Systems & Solutions GmbH
Senior Windows Systems Engineer, Automation
CrowdStrike
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $125,000 - $180,000 per year
Job Level
Senior
Tech Stack
AWSCloudDNSEC2Google Cloud PlatformJenkinsPackerTerraformVaultVMware
About the role
- Architect, operate, and harden Active Directory (multi‑forest, multi‑site), DNS/DHCP, and NPS/RADIUS for Wi‑Fi/VPN/802.1X (EAP‑TLS)
- Lead GPO strategy, OU design, admin tiering, delegation, and AD replication/site topology
- Own endpoint lifecycle at scale: imaging/OSD, driver/firmware management, software packaging/distribution, update rings, device health/telemetry, and fleet compliance
- Engineer endpoint security baselines: BitLocker, LAPS, WDAC/AppLocker, Defender/EDR integrations, credential hardening, and certificate deployment for EAP‑TLS/mTLS
- Lead SCCM/MECM architecture and operations: Task Sequences/OSD, app packaging, SUP/WSUS patching, compliance baselines, collections, reporting/CMPivot, and role‑based access
- Drive release rings, maintenance windows, and measurable patch compliance SLOs across large fleets
- Triage and resolve complex endpoint/server issues: logon slowness, BSODs/hangs, app crashes, update/install failures, 802.1X/RADIUS auth problems, and TLS/certificate breakage
- Use deep diagnostics: Sysinternals (ProcMon/ProcExp/Autoruns), Windows Performance Toolkit (WPR/WPA), WinDbg/WER, ETW/WEF, PerfMon, Wireshark, and netsh/packet capture to find root causes and prevent recurrences
- Deliver automation (PowerShell, PowerShell DSC, Terraform, Packer) for provisioning, configuration, drift control, and compliance—with CI/CD (GitHub Actions/GitLab/Jenkins)
- Build self‑service patterns and APIs (golden images, desired‑state baselines, just‑in‑time access)
- Design and operate enterprise PKI: policy‑driven issuance/renewal, inventory/attestation, CRL/OCSP, and revocation at scale
- Integrate with ADCS, AWS ACM / ACM Private CA, GCP Certificate Authority Service, Venafi, HashiCorp Vault PKI, cert‑manager/ACME; enable EAP‑TLS, service mTLS, code‑signing, and device certs
- Standardize and harden Windows workloads in AWS (EC2/SSM/KMS/IAM/ACM/Directory Service/Route 53) and GCP (Managed Microsoft AD, GCE, Cloud DNS/KMS/CAS)
- Build reproducible images and baseline configs for domain‑joined and cloud‑native instances
- Hands‑on Windows server ops (storage/SMB, DFS, file/print), performance tuning, and core network triage (DHCP/DNS/Kerberos)
- Familiarity with virtualization (VMware vSphere/Hyper‑V), backup/restore workflows, and operational monitoring
Requirements
- 8+ years designing, building, and operating enterprise Windows platforms (server + endpoint)
- 8+ years owning AD, DNS/DHCP, NPS at large scale (10k+ endpoints or equivalent)
- Proven track record delivering large-scale SCCM (MECM) programs: OSD/Task Sequences, application packaging, SUP/WSUS patching at fleet scale, compliance baselines, and reporting
- Experience Managing endpoint computing outcomes: high patch compliance, stable driver/firmware lifecycle, reduced login times, and resilient EAP‑TLS/Wi‑Fi/VPN experiences
- Experience with PKI/CMaaS implementations (ADCS, ACM Private CA, GCP CAS, Venafi, Vault PKI, ACME) with automated issuance/renewal and expiry prevention
- Experience with Automation/IaC (PowerShell/DSC, Terraform, Packer) with CI/CD and testing
- Troubleshooting expertise: demonstrated success using Sysinternals, WPR/WPA, WinDbg, ETW/WEF, PerfMon, Wireshark, and Windows eventing to drive root cause and preventative engineering
- Deep AWS experience for Windows workloads; practical GCP experience for Windows services
- Strong security background: Windows hardening, least privilege/tiered admin, RBAC/PAM integration, WEF→SIEM pipelines, zero‑trust‑aligned patterns
- Excellent docs/design writing; ability to lead through influence across Infra, Security, SRE, and Networking
Benefits
- Remote-friendly and flexible work culture
- Market leader in compensation and equity awards
- Comprehensive physical and mental wellness programs
- Competitive vacation and holidays for recharge
- Paid parental and adoption leaves
- Professional development opportunities for all employees regardless of level or role
- Employee Networks, geographic neighborhood groups, and volunteer opportunities to build connections
- Vibrant office culture with world class amenities
- Great Place to Work Certified™ across the globe
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Active DirectoryDNSDHCPNPSSCCMMECMPowerShellTerraformPKIEAP-TLS
Soft skills
leadershiptroubleshootingdocumentationinfluencecommunication
